Why does MySQL complain about an unknown column in this query?

Question

I am getting following error while I try to use mysql query

Problem in Query
com.mysql.jdbc.exceptions.MySQLSyntaxErrorException: Unknown column 'abc123' in 'where clause'

This is what I am using

public Student validate_Student(String s, String t) {

    Student obj = new Student();

    int w = Integer.parseInt(s);

        String query = "SELECT s.* FROM student s JOIN login l on s.id = l.Student_ID WHERE l.Student_ID = " + w + " and l.Password= " + t;

        try
        {
            ResultSet rs = stmt.executeQuery(query);
            while (rs.next()) {
                obj.setID(rs.getString("ID"));
                obj.setName(rs.getString("NAME"));
                obj.setAddress(rs.getString("ADDRESS"));
                obj.setPhone(rs.getString("PHONE_NO"));
                obj.setEmail(rs.getString("EMAIL"));
                obj.setDOB(rs.getString("DOB"));
                obj.setDegree(rs.getString("DEGREE"));

            }

        }
        catch(SQLException e)
        {
            System.out.println("Problem in Query");
            e.printStackTrace();
        }


    }
    return obj;
}

Your problem would be solved if you used parameterized queries. — Gordon Linoff, Jul 25 '15 at 12:18

score 0 · Accepted Answer · edited May 23 '17 at 12:13

0

Try with replacing the following line.

String query = "SELECT s.* FROM student s JOIN login l on s.id = l.Student_ID WHERE l.Student_ID = " + w + " and l.Password = '" + t +"'";

UPDATE : You should use PrepareStatement instead of Statement in above example, which will help you to handle this kind of situations easily.

Also, there are more Advantages of Prepare Statement.

Prepare Statement Demo

I hope it helps.

edited May 23 '17 at 12:13

Community

1
1

answered Jul 25 '15 at 12:00

Vishal Zanzrukia

4,902
4
38
82

Thanks, I tried that but it didn't work same error, (I have tried with datatype of Password in Login table as both text and varchar(75) but still gives me same error – Danish Ali Jul 25 '15 at 12:04
This is what I am using to get text from Passwordfield String w = String.valueOf(passwordField.getPassword()); – Danish Ali Jul 25 '15 at 12:05
@DanishAli I think you missed the extra single quotes in this answer if you say it didn't work. – RealSkeptic Jul 25 '15 at 12:05
@Danish, if it works you should upvote the answer and also mark it as accepted, so it can helps to others :) – Vishal Zanzrukia Jul 25 '15 at 13:59

Why does MySQL complain about an unknown column in this query?

1 Answers1